Where can you obtain a product that meets your requirements, Gary?
Actually, a DOS-boot scan is the absolute surest to catch a catalogued
virus. Again, with the caveat that the floppy is created on a
known-virus-free machine and write-protected. It wouldn't surprise me a bit
to find out that one or more viruses are perfectly capable of disguising
themselves from an online scan or preemptively disabling the scan.
--
Gary S. Terhune
MS MVP Shell/User
The Eicar test works and I have tried on line scans too. Nothing ever found.
I have used EZ for years and I trust it. Guess my browsing habits are
different than the average. I won't push my luck - I don't need a copy.
--
mae
Well, I have a few copies of viruses--want me to send you some, <g>?
The test is in the pudding--if you are certain the app is running in the
background (which you *can* test using the Eicar string) and that it is up
to date, then the real test is that the machine hasn't yet been infected.
Either that or risk a failure by testing with a known virus--and even then,
you'll only know that it was effective against that particular virus.
The way to be sure that your machine hasn't already been infected with a
known virus is to test using online or DOS-floppy-boot-based AV scans. (If
using a floppy boot scan, be sure you create that floppy on a different
machine, and that you write-protect it before putting it into the test
machine.)
--
Gary S. Terhune
MS MVP Shell/User
So, what would suggest to use as a test? I have never encountered a virus. I
run fulltime in the background scanning all files.
--
mae
I did read all about it. I've read all about it a few times over the years.
I've even used it. I didn't say it wasn't a reliable test. I said it was a
"limited" test. Yes, it tests to see if background scanning is functioning.
It does not test to see if definitions are up to date. It does not test to
see if some virus has managed to thwart its functioning in ways that would
not prevent the Eicar string being detected.
The complaint is that without a full explanation of its limited purpose,
suggesting to average users that they "test antivirus" using this method is
seriously misleading.
--
Gary S. Terhune
MS MVP Shell/User
People who aren't already savvy, the very people I assume OPs post was aimed
at, aren't going to know about the limited purpose the test string serves
unless someone lays it out for them in detail. Yes, they may find out their
AV isn't functioning when they thought it was (or simply hadn't a clue), but
by not understanding the limitations, they can easily be lulled into a false
sense of security. And *that* is the objection to OP's post.